Re: Why running beagle as root not intended?



Hi,

On Sat, 2005-09-10 at 15:48 -0400, Kang Jeong-Hee wrote:
> But my machine has only one account 'root'. Beagle does not
> run on this box.
> 
> What about to put an option --enable-root?
> Beagle source seems have no problem with user priviliages, or not?

Beagle is built on top of literally millions of lines of code, many of
which haven't been audited.  Beagle also pulls in data from many
different sources, including (with the Firefox extension, for example)
data from the outside world.  This data could be malicious, so it's just
good common sense to limit the potential damage as much as possible.
This applies to more than just Beagle: nearly every application on your
system falls into this category.

If you really want to use it, fortunately it's open source and you can
remove the check in beagled/BeagleDaemon.cs.  But I'd really suggest
using a regular user account with password-less sudo access, similar to
how Ubuntu is setup by default.

Joe




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]